mirror of https://github.com/Icinga/icinga2.git
Merge pull request #5236 from dupondje/master
ITL: Add some missing arguments to ssl_cert
This commit is contained in:
commit
741f1b346e
|
@ -4832,17 +4832,21 @@ ssl_cert_file | **Optional.** Local file path. Works only if `ss
|
||||||
ssl_cert_warn | **Optional.** Minimum number of days a certificate has to be valid.
|
ssl_cert_warn | **Optional.** Minimum number of days a certificate has to be valid.
|
||||||
ssl_cert_critical | **Optional.** Minimum number of days a certificate has to be valid to issue a critical status.
|
ssl_cert_critical | **Optional.** Minimum number of days a certificate has to be valid to issue a critical status.
|
||||||
ssl_cert_cn | **Optional.** Pattern to match the CN of the certificate.
|
ssl_cert_cn | **Optional.** Pattern to match the CN of the certificate.
|
||||||
|
ssl_cert_altnames | **Optional.** Matches the pattern specified in -n with alternate
|
||||||
ssl_cert_issuer | **Optional.** Pattern to match the issuer of the certificate.
|
ssl_cert_issuer | **Optional.** Pattern to match the issuer of the certificate.
|
||||||
ssl_cert_org | **Optional.** Pattern to match the organization of the certificate.
|
ssl_cert_org | **Optional.** Pattern to match the organization of the certificate.
|
||||||
ssl_cert_email | **Optional.** Pattern to match the email address contained in the certificate.
|
ssl_cert_email | **Optional.** Pattern to match the email address contained in the certificate.
|
||||||
ssl_cert_serial | **Optional.** Pattern to match the serial number.
|
ssl_cert_serial | **Optional.** Pattern to match the serial number.
|
||||||
|
ssl_cert_noauth | **Optional.** Ignore authority warnings (expiration only)
|
||||||
ssl_cert_match_host | **Optional.** Match CN with the host name.
|
ssl_cert_match_host | **Optional.** Match CN with the host name.
|
||||||
ssl_cert_selfsigned | **Optional.** Allow self-signed certificate.
|
ssl_cert_selfsigned | **Optional.** Allow self-signed certificate.
|
||||||
ssl_cert_sni | **Optional.** Sets the TLS SNI (Server Name Indication) extension.
|
ssl_cert_sni | **Optional.** Sets the TLS SNI (Server Name Indication) extension.
|
||||||
ssl_cert_timeout | **Optional.** Seconds before connection times out (default: 10)
|
ssl_cert_timeout | **Optional.** Seconds before connection times out (default: 15)
|
||||||
ssl_cert_protocol | **Optional.** Use the specific protocol {http,smtp,pop3,imap,ftp,xmpp,irc,ldap} (default: http).
|
ssl_cert_protocol | **Optional.** Use the specific protocol {http,smtp,pop3,imap,ftp,xmpp,irc,ldap} (default: http).
|
||||||
ssl_cert_clientcert | **Optional.** Use client certificate to authenticate.
|
ssl_cert_clientcert | **Optional.** Use client certificate to authenticate.
|
||||||
ssl_cert_clientpass | **Optional.** Set passphrase for client certificate.
|
ssl_cert_clientpass | **Optional.** Set passphrase for client certificate.
|
||||||
|
ssl_cert_ssllabs | **Optional.** SSL Labs assestment
|
||||||
|
ssl_cert_ssllabs_nocache | **Optional.** Forces a new check by SSL Labs
|
||||||
ssl_cert_rootcert | **Optional.** Root certificate or directory to be used for certficate validation.
|
ssl_cert_rootcert | **Optional.** Root certificate or directory to be used for certficate validation.
|
||||||
ssl_cert_ignore_signature | **Optional.** Do not check if the certificate was signed with SHA1 od MD5.
|
ssl_cert_ignore_signature | **Optional.** Do not check if the certificate was signed with SHA1 od MD5.
|
||||||
ssl_cert_ssl_version | **Optional.** Force specific SSL version out of {ssl2,ssl3,tls1,tls1_1,tls1_2}.
|
ssl_cert_ssl_version | **Optional.** Force specific SSL version out of {ssl2,ssl3,tls1,tls1_1,tls1_2}.
|
||||||
|
|
|
@ -397,6 +397,10 @@ object CheckCommand "ssl_cert" {
|
||||||
value = "$ssl_cert_cn$"
|
value = "$ssl_cert_cn$"
|
||||||
description = "Pattern to match the CN of the certificate"
|
description = "Pattern to match the CN of the certificate"
|
||||||
}
|
}
|
||||||
|
"--altnames" = {
|
||||||
|
set_if = "$ssl_cert_altnames$"
|
||||||
|
description = "Matches the pattern specified in -n with alternate"
|
||||||
|
}
|
||||||
"-i" = {
|
"-i" = {
|
||||||
value = "$ssl_cert_issuer$"
|
value = "$ssl_cert_issuer$"
|
||||||
description = "Pattern to match the issuer of the certificate"
|
description = "Pattern to match the issuer of the certificate"
|
||||||
|
@ -417,6 +421,10 @@ object CheckCommand "ssl_cert" {
|
||||||
value = "$ssl_cert_serial$"
|
value = "$ssl_cert_serial$"
|
||||||
description = "Pattern to match the serial number"
|
description = "Pattern to match the serial number"
|
||||||
}
|
}
|
||||||
|
"-A" = {
|
||||||
|
set_if = "$ssl_cert_noauth$"
|
||||||
|
description = "Ignore authority warnings (expiration only)"
|
||||||
|
}
|
||||||
"-s" = {
|
"-s" = {
|
||||||
set_if = "$ssl_cert_selfsigned$"
|
set_if = "$ssl_cert_selfsigned$"
|
||||||
description = "Allow self-signed certificate"
|
description = "Allow self-signed certificate"
|
||||||
|
@ -427,7 +435,7 @@ object CheckCommand "ssl_cert" {
|
||||||
}
|
}
|
||||||
"-t" = {
|
"-t" = {
|
||||||
value = "$ssl_cert_timeout$"
|
value = "$ssl_cert_timeout$"
|
||||||
description = "Seconds before connection times out (default: 10)"
|
description = "Seconds before connection times out (default: 15)"
|
||||||
}
|
}
|
||||||
"-P" = {
|
"-P" = {
|
||||||
value = "$ssl_cert_protocol$"
|
value = "$ssl_cert_protocol$"
|
||||||
|
@ -441,6 +449,14 @@ object CheckCommand "ssl_cert" {
|
||||||
value = "$ssl_cert_clientpass$"
|
value = "$ssl_cert_clientpass$"
|
||||||
description = "Set passphrase for client certificate"
|
description = "Set passphrase for client certificate"
|
||||||
}
|
}
|
||||||
|
"-L" = {
|
||||||
|
value = "$ssl_cert_ssllabs$"
|
||||||
|
description = "SSL Labs assestment"
|
||||||
|
}
|
||||||
|
"--ignore-ssl-labs-cache" = {
|
||||||
|
set_if = "$ssl_cert_ssllabs_nocache$
|
||||||
|
description = "Forces a new check by SSL Labs"
|
||||||
|
}
|
||||||
"-r" = {
|
"-r" = {
|
||||||
value = "$ssl_cert_rootssl_cert$"
|
value = "$ssl_cert_rootssl_cert$"
|
||||||
description = "Root certificate or directory to be used for certificate validation"
|
description = "Root certificate or directory to be used for certificate validation"
|
||||||
|
@ -544,6 +560,5 @@ object CheckCommand "ssl_cert" {
|
||||||
|
|
||||||
vars.ssl_cert_address = "$check_address$"
|
vars.ssl_cert_address = "$check_address$"
|
||||||
vars.ssl_cert_port = 443
|
vars.ssl_cert_port = 443
|
||||||
vars.ssl_cert_timeout = 10
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue